Meshnet activists rebuilding the internet from scratch

Worried about the NSA snooping on your email? Maybe you need to start creating your own personal internet

THE internet is neither neutral nor private, in case you were in any doubt. The US National Security Agency can reportedly collect nearly everything a user does on the net, while internet service providers (ISPs) move traffic according to business agreements, rather than what is best for its customers. So some people have decided to take matters into their own hands, and are building their own net from scratch.

Across the US, from Maryland to Seattle, work is underway to construct user-owned wireless networks that will permit secure communication without surveillance or any centralised organisation. They are known as meshnets and ultimately, if their designers get their way, they will span the country.

Dan Ryan is one of the leaders of the Seattle Meshnet project, where sparse coverage already exists thanks to radio links set up by fellow hackers. Those links mean that instead of communicating through commercial internet connections, meshnetters can talk to each other through a channel that they themselves control.

Each node in the mesh, consisting of a radio transceiver and a computer, relays messages from other parts of the network. If the data can't be passed by one route, the meshnet finds an alternative way through to its destination. Ryan says the plan is for the Seattle meshnet to extend its coverage by linking up two wireless nodes across Lake Union in downtown Seattle. And over the country at the University of Maryland, Baltimore County, student Alexander Bauer is hoping to build a campus meshnet later this year. That will give his fellow students an alternative communications infrastructure to the internet.

While these projects are just getting off the ground, a mesh network in Catalonia, Spain, is going from strength to strength. Guifi was started in the early 2000s by Ramon Roca, an Oracle employee who wanted broadband at his rural home. The local network now has more than 21,000 wireless nodes, spanning much of Catalonia. As well as allowing users to communicate with each other, Guifi also hosts web servers, videoconferencing services and internet radio broadcasts, all of which would work if the internet went down for the rest of the country.

So successful is the community model that Guifi is now building physical fibre-optic links to places like hospitals and town halls where it can help carry the heaviest traffic.

Earlier this month, the General Hospital in the Catalan town of Gurb was wired up to Guifi with a fibre-optic link, and cable is being rolled out into the nearby town of Calldetenes too.

In the US, people can generally already get online with relative ease, so meshnets there are less about facilitating access and more about security, privacy and net neutrality – the idea that ISPs should treat all traffic equally, and not charge more for certain types.

After the extent of the NSA's clandestine PRISM program was revealed, privacy advocates like the Electronic Frontier Foundation urged users to start using relatively simple email encryption programs like Pretty Good Privacy and GNU Privacy Guard. But even those can be daunting to set up. A better idea would be a decentralised network that relies on encryption by default.

This is the case with Hyperboria, the virtual layer that underpins meshnet efforts in the US. Hyperboria is a virtual meshnet because it runs through the existing internet, but is purely peer-to-peer. This means people who use it exchange information with others directly over a completely encrypted connection, with nothing readable by any centralised servers.

When physical meshnet nodes like those in Maryland and Seattle are set up, existing Hyperboria connections can simply be routed through them. At the moment, Hyperboria offers a blogging platform, email services, and even forums similar to reddit.

Encryption is the starting point. Computer researcher Caleb James DeLisle wrote software called cjdns which allows the Seattle Meshnet nodes to use Hyperboria and keep all communications between them encrypted. Instead of letting other computers connect to you through a shared IP address which anyone can use, cjdns only lets computers talk to one other after they have verified each other cryptographically. That means there is no way anyone can be intercepting your traffic.

The Seattle Meshnet has just completed a successful crowdfunding campaign for meshboxes – routers that come preloaded with the cjdns software needed to join Hyperboria. Users will just plug the routers into their existing internet connection and be ready to go on the virtual meshnet – or a local physical meshnet when one becomes available.

Some form of encryption is already in use across much of the internet, but to be useful it has to be ubiquitous. Web services like Gmail, for example, let you log in using an encrypted connection. But when you send an email it leaves Google's encrypted garden and hits the open web in clear text for anyone to read. With Hyperboria's peer-to-peer connections, every single link in the chain of communication is fully encrypted. Intermediaries that handle traffic cannot even see what kind of traffic it is, let alone read any email. Use the purpose-built hyperboria.name email service, and your communication becomes untraceable.

Instead of a few established players building network infrastructure, DeLisle wants anyone to be able to do it. For him, decentralised internet access in the hands of the people is just a start. The services they use must be decentralised, too. "If people continue to use Facebook, they will continue to be spied on, that's just the reality of the world."

This article appeared in print under the headline "Let's start the net again"

Into the darknet

Visions of a decentralised internet come with a seedier side – the darknet. One way to access it is through the anonymising routing service Tor, which lets a user find hidden web pages that have .onion addresses, rather than IP addresses. But anonymisation like this can facilitate otherwise unacceptable activities. Illegal drug market, Silk Road can only be accessed using its .onion address. But Alexander Bauer, who works on a meshnet in Maryland thinks meshnets are less likely to carry this content. Any website that can successfully run on a meshnet must be socially acceptable to every peer they connect with, making it less attractive for child pornographers or websites like Silk Road.

"That's why we don't think the network will be taken over by child porn. You have to have someone accept what's on your node in order for them to pass your traffic around," he says.

If you would like to reuse any content from New Scientist, either in print or online, please contact the syndication department first for permission. New Scientist does not own rights to photos, but there are a variety of licensing options available for use of articles and graphics we own the copyright to.